Dynamic multipoint IPv6 tunnels are another migration technique we can use. It’s called dynamic because we don’t have to specify the end-point IPv4 address ourselves but its being automatically determined. The downside of multipoint IPv6 tunnels is that they don’t support IPv6 IGPs. You have to use static routes or BGP.
There are two different flavors:
- Automatic 6to4
- ISATAP
Let’s dive in the automatic 6to4 tunnel to see how it works. We don’t configure the IPv4 end-point address ourselves but instead the IPv4 end-point address will be wrapped in the IPv6 destination address. Our IPv4 address is only 32-bit so it’s easy to fit it in a 128-bit IPv6 address right?
The 2002::/16 range has been reserved to use for tunneling. This IPv6 address space is only for tunneling and will never be used for IPv6 global unicast addresses. If we start with the 2002::/16 prefix we create a /48 prefix for each tunnel end-point. What we have to do is take the IPv4 address of the end-point and convert it into hexadecimal as bits 17 to 48.
The second step is that we can create subnets from /48 up to /64 prefixes for all the subnets behind the end-point.
Here’s a graphical overview. 2002::/16 is the range we can use for the tunnels. The second part is the IPv4 end-point address converted to hexadecimal. Up to /64 we can use to create subnets. C0A8:1703 converts to IPv4 address 192.168.23.3. Do you have trouble calculating from hex to binary/decimal and vice versa?
R3(config)#ipv6 general-prefix MYPREFIX 6to4 fastEthernet 0/0
R3#show ipv6 general-prefix
IPv6 Prefix MYPREFIX, acquired via 6to4
2002:C0A8:1703::/48
There is a neat trick on Cisco routers that can do the work for you. First you have to configure an IPv4 address on an interface and then use the ipv6 general-prefix command. It will convert the IPv4 address in hexadecimal and give you the correct IPv6 tunnel prefix with the show ipv6 general-prefix command. I’m not sure if this is available on the CCNP ROUTE exam but it’s nice to know anyway! Let’s take a look at an actual configuration of automatic 6to4 tunneling, this is the topology:
Let’s look at another example and configure automatic tunneling. The idea is that I don’t want to configure a tunnel destination on R1 nor R3…it should be created dynamically!
We’ll start with the configuration of the interfaces and IPv4 / IPv6 addresses:
R1(config)#interface loopback 0
R1(config-if)#ipv6 address 2001::1/128
R1(config-if)#exit
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.12.1 255.255.255.0R2(config)#interface fastEthernet 0/0
R2(config-if)#ip address 192.168.12.2 255.255.255.0
R2(config-if)#exit
R2(config)#interface fastEthernet 1/0
R2(config-if)#ip address 192.168.23.2 255.255.255.0R3(config)#interface fastEthernet 0/0
R3(config-if)#ip address 192.168.23.3 255.255.255.0
R3(config-if)#exit
R3(config)#interface loopback 0
R3(config-if)#ipv6 address 2001::3/128
Next step is to configure routing so that we have reachability in IPv4:
R1(config)#router eigrp 123
R1(config-router)#no auto-summary
R1(config-router)#network 192.168.12.0R2(config)#router eigrp 123
R2(config-router)#no auto-summary
R2(config-router)#network 192.168.12.0
R2(config-router)#network 192.168.23.0R3(config)#router eigrp 123
R3(config-router)#no auto-summary
R3(config-router)#network 192.168.23.0
We will use the FastEthernet0/0 interfaces to build the tunnel. Since the tunnel is created automatically we need to know the IPv6 equivalent of the IPv4 addresses:
R1(config)#ipv6 general-prefix MYPREFIX 6to4 fastEthernet 0/0R3(config)#ipv6 general-prefix MYPREFIX 6to4 fastEthernet 0/0R1#show ipv6 general-prefix
IPv6 Prefix MYPREFIX, acquired via 6to4
2002:C0A8:C01::/48R3#show ipv6 general-prefix
IPv6 Prefix MYPREFIX, acquired via 6to4
2002:C0A8:1703::/48This time I’m going to use the IP addresses on the FastEthernet0/0 interfaces to build the tunnel. Since the tunnel is created automatically we need to know the IPv6 equivalent of the IPv4 addresses.
R1(config)#interface tunnel 0
R1(config-if)#ipv6 address 2002:C0A8:C01::1/64
R1(config-if)#tunnel source fastEthernet 0/0
R1(config-if)#tunnel mode ipv6ip 6to4R3(config)#interface tunnel 0
R3(config-if)#ipv6 address 2002:C0A8:1703::3/64
R3(config-if)#tunnel source fastEthernet 0/0
R3(config-if)#tunnel mode ipv6ip 6to4
Let me walk you through this configuration: The tunnel interface has an IPv6 address that starts with 2002: and then the IPv4 address in hex:
- Router R1: 192.168.12.1 – C0A8:C01
- Router R3: 192.168.23.3 – C0A8:1703
The tunnel is sourced from the FastEthernet interface (I could have used a loopback as well) and there is no destination. That’s why we need the tunnel mode ipv6ip 6to4 command for. It tells the router to get the IPv4 address from the IPv6 address.
Are we done? Well almost. The tunnel configuration is OK but we still have to tell our routers how to reach the loopback0 interfaces. It’s impossible to run an IGP on dynamic tunnel interfaces so we can use static routes or BGP. I’m going to use static routes.
R1(config)#ipv6 route 2001::3/128 2002:C0A8:1703::3
R1(config)#ipv6 route 2002::/16 tunnel 0R3(config)#ipv6 route 2001::1/128 2002:C0A8:C01::1
R3(config)#ipv6 route 2002::/16 tunnel 0
The first static route we need to tell our routers how to reach the loopback0 interface of the other side. It points to the IPv6 address which has the IPv4 address in hex in it. The routers will have to do recursive routing to find an entry for 2002:: which is why we need the second static route. Since 2002::/16 is reserved for tunneling I’m creating a static that points directly to our tunnel0 interface.
R1#ping 2001::3 source loopback 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:3::3, timeout is 2 seconds:
Packet sent with a source address of 2001::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/8 ms
A quick ping shows we can reach the loopback0 interface of the other side! That’s how it is done. If you have any more questions please leave a comment.
hostname R1
!
interface loopback 0
ipv6 address 2001::1/128
!
interface fastEthernet 0/0
ip address 192.168.12.1 255.255.255.0
!
interface tunnel 0
ipv6 address 2002:C0A8:C01::1/64
tunnel source fastEthernet 0/0
tunnel mode ipv6ip 6to4
!
router eigrp 123
no auto-summary
network 192.168.12.0
network 1.1.1.0
!
ipv6 general-prefix MYPREFIX 6to4 fastEthernet 0/0
!
ipv6 route 2001::3/128 2002:C0A8:1703::3
ipv6 route 2002::/16 tunnel 0
!
endhostname R2
!
interface fastEthernet 0/0
ip address 192.168.12.2 255.255.255.0
!
interface fastEthernet 1/0
ip address 192.168.23.2 255.255.255.0
!
router eigrp 123
no auto-summary
network 192.168.12.0
network 192.168.23.0
!
endhostname R3
!
interface loopback 0
ipv6 address 2001::3/128
!
interface fastEthernet 0/0
ip address 192.168.23.3 255.255.255.0
!
interface tunnel 0
ipv6 address 2002:C0A8:1703::3/64
tunnel source fastEthernet 0/0
tunnel mode ipv6ip 6to4
!
router eigrp 123
no auto-summary
network 192.168.23.0
network 3.3.3.0
!
ipv6 general-prefix MYPREFIX 6to4 fastEthernet 0/0
!
ipv6 route 2001::1/128 2002:C0A8:C01::1
ipv6 route 2002::/16 tunnel 0
!
end
No comments:
Post a Comment